Asia Pacific – a centre of digital innovation and the focus for DNS attacks

27 September 2017

Undoubtedly, Asia Pacific (APAC) is expanding in its digital landscape. China and India, for example, are the two fastest growing economies in the world. The APAC regions currently own approximately 34% of the world’s economy with China ranking second place, following the US, owning $11 trillion.

Some of this fast growth has been driven by technology initiatives. The government of Singapore is looking to fuel tech startups in its quest to transform Singapore into a high-tech hub. If that is not convincing enough, just look at the international tech-driven brands such as Alibaba, Infosys, Tata and Tencent.

This growth in digital innovation in APAC, however, places a larger target on its organizations’ IT networks. DNS, a fundamental technology layer, is often forgotten, except by hackers for whom it is a primary entry to corporate data.

For a third consecutive year, we have conducted a global survey looking into the rise in DNS threats and its impact on businesses. Following on from our analysis of North America and European businesses, we interviewed 300 different companies from APAC’s leading digital economies as part of our survey.

APAC’s focus on innovation and a digitally savvy population now make it a growing target for online criminals, who either want to steal or cash in on world-class thinking. Sure enough, APAC suffered the highest number of cyber attacks in 2016 worldwide. It is a testament to the region’s innovative streak but also highlights the risks it faces to retain its growth. The EfficientIP survey highlights the promise and the risks faced by APAC organizations.

A more advanced response to DNS security

APAC companies are certainly conscious of the importance of DNS security, with 92% of respondents recognizing DNS as being critical to their business. At 45% of respondents, compared to Europe (34%) and North America (39%), APAC demonstrated better awareness of the top five DNS-based attacks. The top five types of attacks suffered by APAC businesses over the last 12 months were; DNS-based malware (38%), DDoS attacks (38%), Cache Poisoning (27%), DNS Tunnelling (23%) and Zero-Day vulnerabilities (20%). The issue then is not awareness, so what about actions?

In planning and responding to network-based attacks, APAC organizations have more foresight compared with the rest of the world, and added more network or resource bandwidth than in North America where only 16% responded to attacks in this way. India was the best within APAC with 30% of organizations improving their network bandwidth, followed by Singapore (24%) and Australia (19%).

A quarter of APAC respondents also switched to alternate sites following or during an attack, allowing them to continue running the business while the attacker concentrated on the original site. Despite being a common and logical response, doing so presents further risks to the corporate network.

Not all good news

APAC businesses have a higher awareness to critical DNS-based attacks. Yet, on average, they have been subjected to more attacks than their peers across the world. Nearly one-third (31%) of organizations were subject to 5-10 attacks in the past year.

These attacks have left businesses vulnerable with over a quarter (27%) of APAC organizations surveyed having experienced Data Exfiltration via DNS. Of those, 18% had sensitive customer information stolen and 12% intellectual property stolen.

Although data exfiltration is among the most serious of effects from hacking, it can often go unnoticed; 52% of respondents stated it took them between one and three days to identify data exfiltration. For a region where the majority (63%) of businesses are undergoing digital transformation, being slow to spot data exfiltration is a major point of concern.

Bigger attacks, more budget wasted?

Some 57% of organizations have a hosted/cloud DNS Appliance base. It is disappointing then that nearly half (46%) suffered cloud service downtime in the last 12 months, surpassing their North American (44%) and European (36%) counterparts. Some businesses believe they are responding positively to an attack by closing down affected applications to mitigate the attack. However, by doing so, over a third of organizations (36%) reacted in a way the attacker wanted.
The attacks experienced in the APAC region are super-sized. Over a third of DDoS attacks (36%) were between 5 Gbits/s and 50 Gbits/s – that’s up to a twelve centimeter stack of CDs worth of data in a second!

There is always a cost attached to protecting corporate networks. 19% of businesses surveyed had to pay between $501K and $5M to remediate the attack. Mitigating an attack also costs a business more time than they may have planned for, as employees are taken off their regular daily priorities to deal with the attack, consequently spending the business budget which could have been allocated to other projects.

For 48% of APAC organizations, it took almost a full business day (six hours) or more to mitigate the effects of the attack. Worryingly, two out of five (42%) of respondents stated it took three days between a vulnerability notification and the installation of the security patch, and almost a quarter (23%) took a week! This does not bode well as organizations move into a new, tougher era of global data protection regulation.

Time to lead – in the right way

Whilst displaying a better awareness of DNS-based attacks and to some extent how to respond to such attacks, some APAC organizations still leave the door open to these attacks, costing them time, staff resources and money. Their fast growth, the large user base of their organizations and the sheer size of attacks they are subject to, mean it is time for action. As organizations in Asia Pacific strive to achieve further digital advancements, it is essential that they give due attention to protect their networks from future attacks.